Many cybersecurity experts have said for years that we need to do better whitelisting, and that relying on blacklisting and anomaly detection is no longer good enough.

Unfortunately, organizations often cannot technically implement the comprehensive security policies they want to (or should want to). This is because there are too many overlapping technical configs in too many places, and everything keeps changing dynamically. This is particularly hard for large, interconnected “IT landscapes” like IoT.

Better Security Policy Automation

We need better security policy automation tools that allow us to write policies in generic, simple terms, implement them automatically, and update them when the IT landscape changes. This is of course easier said than done. In this talk we will present (and run a demo of) the security policy automation we are developing as part of a current government R&D subcontract (across an interconnected medical device landscape and across an interconnected intelligent transport system). It allows users to author generic policies, ingests numerous data sources, tests policies, generates technical policy configurations, and monitors. The presentation will explain technical approaches, benefits and challenges.

